<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>用户登录</title>
<link href="./styles/login.css" rel="stylesheet" type="text/css" />
</head>
<body>
<?php
if (isset ( $_POST ['submit'] ) and $_POST ['submit'] == '登录') {
	// 获取浏览器发过来的页面数据
	$u = $_POST ['account'];
	$p = $_POST ['password'];
	// 加载数据库连接
	include './includes/dbhelper.php';
	// 查询该用户是否存在
	$result = mysql_query ( "select * from `bookmgr_user_info` where `account` ='$u' and `password`=md5('$p')" );
	$row = mysql_fetch_array ( $result );
	if (! $row) {
		// 没有查找到表示登录失败
		echo "<script>alert('登录失败')</script>";
	} else {
		// 否则将该用户信息保存到session中
		session_start ();
		$_SESSION ['userinfo'] = array (
				'userid' => $row ['userid'],
				'username' => $row ['username'],
				'account' => $row ['account'],
				'user_images' => $row ['user_images'] 
		);
		// 跳转到index页面
		header ( "location:index.php" );
	}
} else {
	// 清空session
	session_unset ();
	session_destroy ();
}
?>
<div id="login_container">
		<div class="loginTitle">
			<h1>系统登录</h1>
		</div>
		<form action="./login.php" method="post">
			<div class="darea">
				<label class="lbl">帐号：</label><input type="text" name="account"
					class="txt" />
			</div>
			<div class="darea">
				<label class="lbl">密码：</label><input type="password" name="password"
					class="txt" />
			</div>
			<div class="barea">
				<input type="submit" name="submit" value="登录" class="btn" /> <a
					href="pages/register.php" target="_self" class="lnk">没有帐号怎么办？</a>
			</div>
		</form>
	</div>
</body>
</html>